CoW Swap Hack: $1.2M Lost via DNS Domain Hijack

CoW Swap report say dem loss about ~$1.2M after people wey attack the project use social engineering take jack the domain and redirect users go fake phishing site wey resemble the real one. CoW Protocol contracts no clear compromise, but the DNS/domain-control attack target the access layer — dem comot wallet approvals and transaction signatures. CoW talk say the attackers pretend to be real staff to scam the domain registrar, den change DNS records make dem point to the bogus website. As response, CoW regain domain control, move to better-secured registrar, and apply registry lock. CoW DAO advise users make dem revoke approvals wey dem give after 14:54 UTC, especially those linked to the original GPv2VaultRelayer contract. Earlier reports talk say loss fit be around ~$500k (figures different and no confirmation), and at least one person reportedly lose $50k+. Aave also disable CoW Swap endpoints for integrators as precaution, but confirm say Aave’s interface and protocol no suffer. For traders, the main lesson be say CoW Swap smart-contracts look intact, but bad approvals still fit cause direct loss. Expect short-term sentiment risk for web-based DeFi aggregators; to reduce risk, always check URLs before you connect or sign and revoke suspicious allowances quick.